CVE-2019-9756

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-9756
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9756.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-9756
Downstream
Published
2019-04-17T17:29:01.537Z
Modified
2026-04-10T04:20:57.121033Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control, a different vulnerability than CVE-2019-9732.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events
Introduced
342f33beb2ce090cfabfd0a5e7327b78d04588bb
Last affected
075705a5f3bd9748d92cf48073bfe9e79b58f385
Introduced
342f33beb2ce090cfabfd0a5e7327b78d04588bb
Last affected
075705a5f3bd9748d92cf48073bfe9e79b58f385
Introduced
c6f72ac9a88521257991aa9a0cc6d558126f5bb9
Fixed
0a5900e492dd1a35f10af21f1c5d79de12484357
Introduced
c6f72ac9a88521257991aa9a0cc6d558126f5bb9
Fixed
0a5900e492dd1a35f10af21f1c5d79de12484357
Introduced
002a28279f5b3fd229f929bb1f40eb7b5fc87ee9
Fixed
39d0b2ef98d4dfb79a86d185ae23cb1a67e689aa
Introduced
002a28279f5b3fd229f929bb1f40eb7b5fc87ee9
Fixed
39d0b2ef98d4dfb79a86d185ae23cb1a67e689aa
Database specific 
{
    "versions": [
        {
            "introduced": "10.8.0"
        },
        {
            "last_affected": "10.8.7"
        },
        {
            "introduced": "10.8.0"
        },
        {
            "last_affected": "10.8.7"
        },
        {
            "introduced": "11.0.0"
        },
        {
            "fixed": "11.6.10"
        },
        {
            "introduced": "11.0.0"
        },
        {
            "fixed": "11.6.10"
        },
        {
            "introduced": "11.8.0"
        },
        {
            "fixed": "11.8.1"
        },
        {
            "introduced": "11.8.0"
        },
        {
            "fixed": "11.8.1"
        }
    ]
}

Affected versions

v11.*
v11.8.0-ee

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9756.json"